80 percent of online retailers fail password security test

Share

In a survey of the 25 most popular online retailers, 80 percent of websites did not meet Dashlane’s standards for setting “minimum secure password threshold.” Apple scored the best, the only site with a perfect score. Dick’s Sporting Goods got the lowest score.

A wide shift towards online retail over the last decade — Dashlane estimates that nearly 50 percent of all holiday shopping will take place over the Internet in 2015 — has drastically increased the pool of potential hacking victims globally and upped the cybersecurity ante for retails firms.

Yet, according to the study, 72 percent of sites do not require passwords with a capital letter and a number or symbol, and nearly a third commit the security taboo of accepting the 10 most common passwords, including “password.”

(PR Newswire)

Dashlane analyzed sites on 22 criteria, creating composite scores for each company that ranged from -100 to +100, with a score of +50 standing as the minimum safe password requirement. Apple, Target and Best Buy topped the list, with scores of 100, 85, and 75, respectively.

“It is encouraging to see positive password security trends in the world of e-commerce,” Schalit said. “Yet, while the numbers indicate retailers are moving in the right direction, much work remains. It’s 2015, so no website has an excuse for not implementing security policies that will better secure their users.”